11-21-04 12:45 PM
-----BEGIN PGP SIGNED MESSAGE-----
Thomas J. Boschloo wrote:
| Thanks for the clarification. I was under the assumption that Reliable
| 'outsourced' its mixmaster traffic to the mixmaster executable.. I was
| wrong.
|
| OTOH, this can be very worrying to users of Reliable as I have seen code
| (posted by Richard some years ago) that Reliable used the standard
| Visual Basic RNG for ESub instead of sound cryptographically strong
| random functions! I wouldn't trust RProcess to do sound cryptography
| from what limited code I have seen from him.. If the seed of the VB
| rand() function is known, an attacker could perhaps predict the order in
| which messages leave the remailer <scary thought>.
Since I wrote this, I have had some more time to think about it. Since
the ESub function in Reliable uses Visual Basic's standard (non-crypto)
random function, an attacker can, by sending an ESub message, get the 64
bits that are randomized and search for the seed which results in these
64 bits being selected.
This seems very bad to me. It is worse than using random functions on
its own since the attacker can see the output of the rand() function.
How should this be solved then? My guess is that all uses of the rand()
function in Reliable should be replaced by their secure counterparts. I am
sure someone with good knowledge of Visual Basic could access the
cryptographically sound random functions in Windows that perhaps,
RProcess didn't have access to at the time...
| | You do understand that Reliable latency is a random time between a
| | Minimum and Maximum latency configured by the operator.
|
| That doesn't seem like a good idea to me at all! Even Minimum latency
| seems like a design flaw to me..
Also having spent more time thinking on this, the range of latency that
a message in Reliable will have will be limited between the Min and Max
latency settings set by the operator. A solution would be to set the
Minimum latency to 0 seconds and the Maximum latency to something like
three days.
Highest esteems,
Thomas J.
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
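
The concern raised in the post above, as an added example (not part of the original post and not Reliable's code): when 64 visible bits come from a generator with only 24 bits of state, the output pins down the internal state, which is why the post asks for a cryptographic source instead. The LCG constants and the one-byte-per-step output mapping are assumptions chosen for illustration; `secrets.token_bytes` is the OS-backed replacement.

```python
import secrets

# Constructed 24-bit linear congruential generator standing in for a
# non-cryptographic rand(). Constants and output mapping are assumptions.
MASK = (1 << 24) - 1
A, C = 1140671485, 12820163


def step(state):
    """Advance the 24-bit LCG by one step."""
    return (state * A + C) & MASK


def weak_bytes(seed, n):
    """Emit n bytes (top 8 bits of each successive state) and the final state."""
    out, state = [], seed & MASK
    for _ in range(n):
        state = step(state)
        out.append(state >> 16)
    return bytes(out), state


def recover_state(observed):
    """Return every final internal state consistent with the observed bytes.

    The first byte already reveals the top 8 bits of the state, so only the
    low 16 bits are unknown: 65,536 candidates, each checked against the
    remaining bytes.
    """
    matches = []
    for low in range(1 << 16):
        state = (observed[0] << 16) | low
        for b in observed[1:]:
            state = step(state)
            if state >> 16 != b:
                break
        else:
            matches.append(state)
    return matches


def strong_bytes(n):
    """The fix: bytes from the operating system's CSPRNG, no recoverable seed."""
    return secrets.token_bytes(n)


if __name__ == "__main__":
    observed, _ = weak_bytes(123456, 8)  # constructed sample: 64 visible bits
    print("states consistent with output:", len(recover_state(observed)))
    print("CSPRNG sample:", strong_bytes(8).hex())
```

Anything later drawn from the same weak generator, such as a latency value, follows from a recovered state in the same way, so every call site needs the replacement, not only ESub.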